<!DOCTYPE html>
<html lang="en" xmlns:th="http://www.thymeleaf.org"
      xmlns:sec="http://www.thymeleaf.org/extras/spring-security"
      xmlns:shiro="http://www.pollix.at/thymeleaf/shiro">
<head>
    <meta charset="UTF-8">
    <title>主页</title>
</head>
<body>
<h2>
    主页
</h2>
<div sec:authorize="hasRole('vip1')">
    <a th:href="@{/level1/1}">1.1</a>
    <a th:href="@{/level1/2}">1.2</a>
    <a th:href="@{/level1/3}">1.3</a>
</div>
<div sec:authorize="hasRole('vip2')">
    <a th:href="@{/level2/1}">2.1</a>
    <a th:href="@{/level2/2}">2.2</a>
    <a th:href="@{/level2/3}">2.3</a>
</div>
<div sec:authorize="hasRole('vip3')">
    <a th:href="@{/level3/1}">3.1</a>
    <a th:href="@{/level3/2}">3.2</a>
    <a th:href="@{/level3/3}">3.3</a>
</div>
<!--没登录就显示登录按钮-->
<a th:href="@{/login}" sec:authorize="!isAuthenticated()">
    登录
</a>
<a th:href="@{/logout}"  sec:authorize="isAuthenticated()">
    注销
</a>
<!--如果已经登陆就显示用户名和角色权限-->
<div sec:authorize="isAuthenticated()">
    用户名:<span sec:authentication="principal.username"></span>
    角色权限：<span sec:authentication="principal.authorities"></span>
</div>
</body>
</html>
